Page 1 of 1
NSclient++ password
Posted: Tue Sep 08, 2015 11:05 am
by spiderpig
Hi,
I have default setup for my nsclient++, and I like to set a new password for it.
where should i begin, and how to implement this?
and do I have to change nsc.ini on all the remote agents?
Re: NSclient++ password
Posted: Tue Sep 08, 2015 11:22 am
by hsmith
spiderpig wrote:Hi,
I have default setup for my nsclient++, and I like to set a new password for it.
where should i begin, and how to implement this?
Add this second to the .ini.
Code: Select all
[/settings/default]
; PASSWORD - Password used to authenticate against server
password = GOODPASSWORD
spiderpig wrote:and do I have to change nsc.ini on all the remote agents?
If you need to change / update the password, yeah.
Re: NSclient++ password
Posted: Tue Sep 08, 2015 11:22 am
by tmcdonald
This will need to be changed both on the Nagios side of things and on the NSClient machines themselves. I can't tell you how you have your password set up Nagios-side, but you likely have it in the resource.cfg file and reference it as a $USERx$ variable. Otherwise you may have it set in the service definition itself. Check out your services.cfg, or if you have services in their own files you will want to check those.
Re: NSclient++ password
Posted: Tue Oct 27, 2015 11:23 am
by spiderpig
ok, but how can i encrpt the password in the nsc.ini file?
Re: NSclient++ password
Posted: Tue Oct 27, 2015 11:33 am
by tmcdonald
I don't believe this can be done. NSClient might be able to hash the password (which it really should be doing anyway) but encrypting a password doesn't make much sense in the context of automated checking.
Re: NSclient++ password
Posted: Wed Oct 28, 2015 3:53 am
by spiderpig
tmcdonald wrote:I don't believe this can be done. NSClient might be able to hash the password (which it really should be doing anyway) but encrypting a password doesn't make much sense in the context of automated checking.
ok, what is the purpose then to have password?
I just want to prevent someone can set up a nagios server in the network and steal the information from the client.
Re: NSclient++ password
Posted: Wed Oct 28, 2015 9:12 am
by jdalrymple
spiderpig wrote:I just want to prevent someone can set up a nagios server in the network and steal the information from the client.
In order to get the password out of the nsclient.ini or out of the services definition would they not have to access one of the 2 servers anyway? And if you've granted them access to the servers... what really are you securing them from?